Question

Can't connect to Docker container running on Droplet

Posted August 10, 2021 119 views
DockerNetworkingDigitalOcean Droplets

I’m trying to run a docker container via docker-compose on a droplet, but finding I’m not able at all to access the container from on the droplet (with curl). I followed this guide to install Docker, plus I added docker-compose.

Here’s what my docker-compose.yml looks like:

version: "2.1"
services:
  sonarr:
    image: ghcr.io/linuxserver/sonarr
    container_name: sonarr
    environment:
      - PUID=1000
      - PGID=132
      - TZ=Europe/London
    volumes:
      - ~/docker/configs/sonarr:/config
    ports:
      - 8989:8989
    restart: unless-stopped

It starts up fine, if I open a shell on the container I can see the service is running and curl it with localhost:8989. But then from outside the container (on the droplet), curl localhost:8989 returns with ‘Connection reset by peer’

I’ve tried running this exact config on a local server also running Ubuntu 20.04 and it all works as expected, I can curl from outside the container and get the response from inside (although that’s running Docker v19 but I hope that wouldn’t affect it?). All I can conclude is it’s something to do with a firewall or iptables or something on the droplet? But I’m not trying to even access it externally, purely from on the droplet.

Any advice? Thanks!

1 comment
  • Doing some more digging, I’ve realised that actually no networking is working from inside the container. If I open a shell in the container, even curl google.com returns Could not resolve host and trying the IP of a website hangs forever. Again, these work fine in the identical container I’m running in a newly created droplet.

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

×
Submit an Answer
1 answer

Hi there @dwm,

I could suggest a couple of things:

  • Make sure that the Docker container is still listening on that port:
netstat -plant | grep 8989

If not, I would recommend checking your container logs to see what might have happened.

  • If you have a firewall like UFW, make sure to allow the port:
ufw allow 8989

Let me know how it goes!
Regards,
Bobby

  • Thanks! netstat -plant | grep 8989 gives me this which looks right I think?:

    tcp        0      0 0.0.0.0:8989            0.0.0.0:*               LISTEN      143414/docker-proxy
    tcp6       0      0 :::8989                 :::*                    LISTEN      143423/docker-proxy
    

    And I don’t have UFW enabled, no. I do have fail2ban come to think of it though, but I’ve just tried with that disabled just in case and it didn’t seem to fix it.

    • Hi there,

      Indeed it looks good. Do you by any chance have a DigitalOcean Managed Firewall that could be blocking the port?

      Another thing that I could suggest is to run a curl command locally from the Droplet itself to see if you could get the correct response:

      curl -IL 127.0.0.1:8989
      

      Also do you see any errors in your Docker logs?

      Regards,
      Bobby